class Google::Apis::ContaineranalysisV1beta1::BuildSignature

Message encapsulating the signature of the verified build.

Attributes

key_id[RW]

An ID for the key used to sign. This could be either an ID for the key stored in `public_key` (such as the ID or fingerprint for a PGP key, or the CN for a cert), or a reference to an external key (such as a reference to a key in Cloud Key Management Service). Corresponds to the JSON property `keyId` @return [String]

key_type[RW]

The type of the key, either stored in `public_key` or referenced in `key_id`. Corresponds to the JSON property `keyType` @return [String]

public_key[RW]

Public key of the builder which can be used to verify that the related findings are valid and unchanged. If `key_type` is empty, this defaults to PEM encoded public keys. This field may be empty if `key_id` references an external key. For Cloud Build based signatures, this is a PEM encoded public key. To verify the Cloud Build signature, place the contents of this field into a file (public.pem). The signature field is base64-decoded into its binary representation in signature.bin, and the provenance bytes from ` BuildDetails` are base64-decoded into a binary representation in signed.bin. OpenSSL can then verify the signature: `openssl sha256 -verify public.pem - signature signature.bin signed.bin` Corresponds to the JSON property `publicKey` @return [String]

signature[RW]

Required. Signature of the related `BuildProvenance`. In JSON, this is base-64 encoded. Corresponds to the JSON property `signature` NOTE: Values are automatically base64 encoded/decoded in the client library. @return [String]

Public Class Methods

new(**args) click to toggle source
# File lib/google/apis/containeranalysis_v1beta1/classes.rb, line 527
def initialize(**args)
   update!(**args)
end

Public Instance Methods

update!(**args) click to toggle source

Update properties of this object

# File lib/google/apis/containeranalysis_v1beta1/classes.rb, line 532
def update!(**args)
  @key_id = args[:key_id] if args.key?(:key_id)
  @key_type = args[:key_type] if args.key?(:key_type)
  @public_key = args[:public_key] if args.key?(:public_key)
  @signature = args[:signature] if args.key?(:signature)
end